Insider Opinion: Interview with Alexey Belkin on Outpost Pro 3.5

Following the release of Outpost Firewall Pro 3.5, we received many questions from users about the program and where it is going in the future. Our chief software architect, Alexey Belkin, has agreed to answer the most common questions in the brief interview below.

Q. Why should I upgrade to Outpost Firewall Pro 3.5?

A. The new version, particularly its automatic application of access rules for known programs, significantly decreases the number of prompts a user will receive – making the program much more convenient to work with. There are far fewer requests for confirmations about how to deal with application communication requests. In addition, the ability to automatically update the rules allows Outpost to plug existing third-party vulnerabilities before the vendor is able to issue security updates – so-called zero-hour protection. This new version has also received further security reinforcements and provides more security than ever before.

Q. How secure is Outpost Firewall Pro 3.5?

A. This new version is already more secure than its predecessor. For example, if an error in the existing firewall rules is detected, we can fix it and distribute an update almost immediately through the ImproveNet infrastructure. Errors in rules do sometimes occur and in former versions we could only deal with them by issuing an update and hoping that users would install it in a timely manner. Now, we can do this update automatically simply by distributing new application rulesets.

Q. Does Outpost still pass all the leak tests?

A. An independent leak test (you can read it at http://www.firewallleaktester.com) showed that the security of the product has remained at its original high level. In the next release, we will be focusing on increasing security levels even further (but without making the product any harder to use).

Q. Tell us about the auto-rules - how secure are they really?

A. Thanks to the ImproveNet technology, we know not only about the rules that are missing from users’ configurations and the questions their Outpost installation asks, but we also learn about attempts to bypass the protection. Based on reports following the release of the new 3.5, we can see that the rulesets are on the whole much safer. Where the former configuration consisted of a large number of rulesets, of which only a very few were being used, which could cause some performance problems, rules are now applied only when needed. Users’ configurations now consist only of rules that are really required. And if users install Outpost with a clean configuration and auto-application of rules enabled, new rulesets are created specifically for the requirements of their system. So the automatic application can be discontinued after a day or two, because the necessary rulesets will already have been created. Users can then tweak those rules using the Rules Wizard alerts if they wish, but there is no real need to do so.

I’d also like to mention one largely-overlooked feature in 3.5 – the ability for users to regularly download new presets. Even if users have auto-application of rules turned off, they will find it useful to refresh the rulesets at intervals to allow for updated Rules Wizard settings to take care of updates in installed applications. We have intentionally tightened up a number of the rules because of the automatic application.

Q. What about editing the presets? Why did you remove this feature from 3.5?

A. The new format of preset file demands significantly higher technical knowledge on the part of the end user in order to edit them, which also goes against our mission to keep Internet security easy to use. Besides, the ImproveNet technology renders editing rulesets to customize them for individual systems largely unnecessary – an aspect which we will develop further in the next version. Of course, users can still easily edit configurations through the program interface without making changes to the internal files, which are not designed for such purposes.

Q. What about CPU usage? Some people say that Outpost works more slowly than before.

A. Yes, this is a fair comment when comparing v3.0 and 3.5 with earlier versions. The primary reason is the addition of real-time anti-spyware protection – real-time traffic monitoring takes processing power, that is a fact of life for all such programs. Users who are really bothered by this can disable real-time spyware monitoring; in version 3.5 it is even possible to do this without sacrificing any security, because the program offers the ability to check applications for the presence of spyware at the moment they request network access for the first time or when they exhibit spyware-like behavior. It’s worth noting, though, that some high processing power consumption situations can also be caused by the application of incorrect rules for certain system access configurations.

Q. How are you planning to further improve security in the future?

A. Our continuing goal is to close all currently known ways to bypass firewall protection locally – these are the so-called leak tests. Thanks to significant changes which were introduced in 3.5 as well as the ImproveNet technology, this can be achieved with only a small increase in the number of user prompts at initial setup. A gradual decrease in the number of alerts can also be observed as the ImproveNet database is being extended – this will also apply to the base of legitimate applications that are allowed to use risky technology to embed code.

We will also add functionality that will enable us to determine an application’s authenticity 100%. This will also help us to tighten up the rulesets.

Q. What is the future of the Outpost Firewall?

A. Even though Vista will not ship until next year, we are continuing to test the driver for x64 so that we are ready when Microsoft ships.

One of our main priorities is the creation of proactive protection which will lead to better system performance and even fiercer malware protection. Our intention in that respect is to simultaneously release x64 and x86 versions of such protection.

Thank you Alexey for your answers!

About Alexey Belkin

Alexey is a chief software architect at Agnitum and has worked in this position for more than two years. His main job responsibilities are high-level software architecture design, creation of the user interface, and design of functional specifications for the company’s products. Alexey is a specialist in Windows networking and the holder of numerous certificates, such as Oracle Certified Professional (OCP), Microsoft Certified Solution Developer (MCSD), and Microsoft Certified Database Administrator (MCDBA).